security fixes: change _access_r to _access_w

ice-client: perform del_list prior to add_list _access_w
Jakob Olsson 2018-10-15 16:38:01 +02:00
parent 54e25d9c59
commit 5260f1ecfb
3 changed files with 7 additions and 3 deletions


@ -7,7 +7,8 @@ grep -rq "^ice:" /etc/passwd || {
uci -q delete passwords.ice
uci -q set passwords.ice=usertype
uci -q set passwords.ice.password="\$WPAKEY"
uci -q add_list passwords.ice._access_r=root
uci -q del_list passwords.ice._access_w=root
uci -q add_list passwords.ice._access_w=root
uci -q commit passwords
uci show rpcd | grep username=.*ice.* >/dev/null || {
@ -16,7 +17,7 @@ cat >> /etc/config/rpcd << EOF
config login
option username 'ice'
option password '\$p\$ice'
list _access_r 'none'
list _access_w 'none'
list write 'user-user'
list write 'juci-broadcom-dsl'
list write 'juci-broadcom-dsl-admin'
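Review bot: Devices that already have the ice account will keep their old `_access_r` entries, because both changed spots sit inside guards that skip the block when the entry exists: `grep -rq "^ice:" /etc/passwd ||` for `passwords.ice`, and `uci show rpcd | grep username=.*ice.* ||` for the appended rpcd login. If this script also runs on upgrade (not visible here), the fix reaches only fresh installs. Assuming the intent is to drop the read entry, a step outside the guards such as `uci -q delete passwords.ice._access_r` would cover existing configs; the same stale-entry question applies to `netmode.$mode` in populate_netmodes. The added `del_list` looks like a no-op here, since `uci -q delete passwords.ice` has just removed the whole section. Both guarded blocks start and end outside the hunks.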


@ -377,7 +377,8 @@ populate_netmodes() {
if json_select acl; then
_i=1
while json_get_var user $_i; do
uci add_list netmode.$mode._access_r="$user"
uci del_list netmode.$mode._access_w="$user"
uci add_list netmode.$mode._access_w="$user"
_i=$((_i+1))
done
json_select ..
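Review bot: `$mode` is expanded outside the quotes in both new lines (`netmode.$mode._access_w="$user"`), so a mode name containing whitespace or glob characters would be split or expanded before uci sees it. Quoting the whole argument avoids that: `uci del_list "netmode.$mode._access_w=$user"` and `uci add_list "netmode.$mode._access_w=$user"`. Where `mode` is set is not visible, because populate_netmodes starts and ends outside the hunk.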


@ -53,6 +53,8 @@ uci -q batch <<-EOT
set firewall.sip=include
set firewall.sip.path=/etc/firewall.sip
set firewall.sip.reload=1
uci del_list firewall.sip._access_w="root"
uci add_list firewall.sip._access_w="root"
commit firewall
EOT
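Review bot: The two added lines inside the `uci -q batch` heredoc start with `uci`, while every other line in the batch is a bare subcommand (`set …`, `commit firewall`). Batch mode reads subcommands, so `uci del_list …` is most likely rejected as an unknown command, and with `-q` that failure may go unnoticed. The `_access_w` restriction on `firewall.sip` would then never be written. Drop the prefix: `del_list firewall.sip._access_w="root"` and `add_list firewall.sip._access_w="root"`. The heredoc begins above the hunk.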